diff options
| author | Mike Crute <mike@crute.us> | 2019-01-11 03:50:23 +0000 |
|---|---|---|
| committer | Mike Crute <mike@crute.us> | 2019-01-11 03:50:23 +0000 |
| commit | 3366b0771e9941f8b906406f515146da88f7e778 (patch) | |
| tree | aefea293ab6fe3789b5ed12755394ec2cacdc1e6 /ssh-bastion | |
| parent | 8317d24796a41b0f27ae4132e25bde0b7b57eb96 (diff) | |
| download | dockerfiles-3366b0771e9941f8b906406f515146da88f7e778.tar.bz2 dockerfiles-3366b0771e9941f8b906406f515146da88f7e778.tar.xz dockerfiles-3366b0771e9941f8b906406f515146da88f7e778.zip | |
Fixup keepalives for ssh
Diffstat (limited to 'ssh-bastion')
| -rw-r--r-- | ssh-bastion/etc/ssh/sshd_config | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/ssh-bastion/etc/ssh/sshd_config b/ssh-bastion/etc/ssh/sshd_config index b15777d..fac41f9 100644 --- a/ssh-bastion/etc/ssh/sshd_config +++ b/ssh-bastion/etc/ssh/sshd_config | |||
| @@ -59,11 +59,15 @@ AcceptEnv LANG LC_* | |||
| 59 | # a correct password. | 59 | # a correct password. |
| 60 | LoginGraceTime 120 | 60 | LoginGraceTime 120 |
| 61 | 61 | ||
| 62 | # After 66 seconds of inactivity, request a keep-alive from the | 62 | # Disconnect dead sessions after 30 minutes of inactivity. The server will send |
| 63 | # client. If they don't respond after ten requests, kill the | 63 | # a keepalive every minutes and tolerate up to 30 failures before terminating |
| 64 | # connection. | 64 | # the session. |
| 65 | ClientAliveInterval 66 | 65 | ClientAliveInterval 60 |
| 66 | ClientAliveCountMax 10 | 66 | ClientAliveCountMax 30 |
| 67 | |||
| 68 | # Don't use TCP keepalives to prevent connections from dying when a temporary | ||
| 69 | # routing issue occurs. | ||
| 70 | TCPKeepAlive no | ||
| 67 | 71 | ||
| 68 | # Allow up to 100 simultaneous unauthenticated connections. Any | 72 | # Allow up to 100 simultaneous unauthenticated connections. Any |
| 69 | # connections beyond that limit will be dropped. | 73 | # connections beyond that limit will be dropped. |